Privacy Policy - Selfstorage Merton

This Privacy Policy explains how Selfstorage Merton collects, uses, stores, shares, and protects personal data. It applies to all Selfstorage Merton customers in the area, including prospective customers, current customers, former customers, and anyone who interacts with us in connection with storage services, account management, access arrangements, payments, and related enquiries. We are committed to handling personal data in a way that is lawful, fair, transparent, and consistent with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you acknowledge that we may process personal data as described in this policy. We only collect information that is necessary for clearly defined purposes and retain it only for as long as required by law or for legitimate business needs.

1. Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as your name, date of birth, and identification details where needed for verification.
  • Contact data such as address, email address, and telephone number.
  • Account and contract data including storage unit details, rental dates, service preferences, and billing information.
  • Payment data such as payment method, transaction records, and invoices. We do not store full card details where payment processing is handled securely by a payment provider.
  • Security and access data including entry logs, CCTV records, key or access credentials, and incident reports where applicable.
  • Communication data including records of enquiries, complaints, notices, and other correspondence.
  • Technical data such as IP address or device-related information if you interact with our digital systems.

In some cases, we may also receive personal data from third parties, for example credit reference agencies, payment processors, insurers, legal representatives, or persons authorised to act on your behalf.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage storage agreements.
  • To verify identity and prevent fraud or misuse of our services.
  • To process payments, issue invoices, and manage account administration.
  • To provide access to storage facilities and maintain site security.
  • To communicate with customers about their accounts, service changes, and operational matters.
  • To respond to enquiries, complaints, and requests.
  • To meet legal, regulatory, tax, insurance, and record-keeping obligations.
  • To defend or establish legal claims and protect our legitimate business interests.

We will only use your personal data for purposes that are compatible with the original reason it was collected, unless we are required or permitted by law to do otherwise.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the context, Selfstorage Merton relies on the following lawful bases:

Contract

We process data where it is necessary to enter into or perform a contract with you, such as managing your storage unit, billing, access arrangements, and customer support.

Legal obligation

We process data when required to comply with legal and regulatory obligations, including tax, accounting, anti-fraud, safety, and lawful disclosure requirements.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided that those interests are not overridden by your rights and freedoms. This may include security monitoring, preventing theft or damage, maintaining accurate records, improving services, and protecting our business from claims.

Consent

In limited cases, we may rely on your consent, for example where it is appropriate to use certain optional services or communications. When we rely on consent, you have the right to withdraw it at any time.

We do not normally rely on consent where another lawful basis is more appropriate and robust for the service relationship.

4. Data Sharing and Processors

We may share personal data with trusted third parties where necessary for the purposes set out in this policy. These third parties act either as independent controllers or as processors acting on our instructions.

Processors may include:

  • Payment service providers who process transactions securely.
  • IT and cloud service providers that host or support our systems.
  • Security service providers, including CCTV maintenance and monitoring providers.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Collection or recovery agents where accounts are in arrears, if lawful and necessary.

We require processors to protect personal data, use it only for authorised purposes, and implement appropriate technical and organisational safeguards. We do not sell personal data.

We may also disclose data if required by law, by a court order, to law enforcement, or to protect the rights, safety, or property of Selfstorage Merton, our customers, or others.

5. Retention of Personal Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, insurance, and reporting obligations.

Retention periods may vary depending on the category of data and the reason for processing. For example:

  • Contract and billing records are generally kept for the duration of the customer relationship and for a further period required by law or to resolve disputes.
  • Security records, such as access logs and CCTV footage, are kept only for as long as necessary for security, investigation, or legal purposes.
  • Correspondence and complaint records may be retained to evidence service handling and compliance.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

6. Data Security

We take reasonable and appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, staff confidentiality obligations, and regular system review.

However, no method of transmission or storage is completely secure. While we work to protect your information, we cannot guarantee absolute security.

7. Your Rights

Depending on the legal basis for processing and other applicable conditions, you may have the following rights under data protection law:

  • Right of access - to request a copy of the personal data we hold about you.
  • Right to rectification - to ask us to correct inaccurate or incomplete data.
  • Right to erasure - to request deletion of your data in certain circumstances.
  • Right to restriction - to ask us to limit the processing of your data in certain cases.
  • Right to data portability - to receive certain data in a structured, commonly used format where applicable.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent - where processing is based on consent, you can withdraw it at any time.

You also have the right to raise concerns about how your data is handled. If you believe your data protection rights have not been respected, you may be entitled to complain to the relevant supervisory authority.

Please note that some rights may not apply in all situations. For example, we may need to keep certain records to comply with legal obligations or to defend a claim.

8. Children’s Data

Our storage services are intended for adults and business users. We do not knowingly collect personal data from children in connection with our services. If we become aware that such data has been collected without appropriate authority, we will take reasonable steps to delete it.

9. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it in accordance with applicable law. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The most recent version will apply to the processing of your personal data. We encourage customers to review this policy periodically so they remain informed about how their information is handled.

11. Summary of Our Commitment

Selfstorage Merton is committed to privacy, transparency, and accountability. We only collect data that we need, we process it on a valid legal basis, we share it only where necessary and secure, and we keep it only for as long as required. Our goal is to ensure that all Selfstorage Merton customers in the area can use our services with confidence that their personal information is handled responsibly and in line with data protection law.

This policy should be read together with any applicable customer terms or service agreements that describe the operational details of your storage arrangement.

Call Now!
Call Now Get a Quote
Selfstorage Merton

GDPR-compliant Privacy Policy for Selfstorage Merton covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.